Training Navy ROTC students in the Development and Deployment of FPGA Accelerated Network Intrusion Detection Systems for Identifying Indicators of Cyber Attack
Abstract
Research Problem and Objectives
This proposal responds to Office of Naval Research (ONR) FOA Announcement #N00014-19-SF009 Amendment 0002, for the Navy ROTC Cybersecurity Training Program. This program aims to provide strategic solutions to naval-relevant challeng or evidence of policy violations. Simultaneously, the Navy has an interest in eliminating bottlenecks imposed by firewalls and existing network intrusion detection systems that reduce throughput and increase delay on high-speed Navy networks used in real-time combat systems that facilitate communication among multiple sensors, weapons, electronic equipment, and computers. To maintain the technological cybersecurity superiority of the U.S. Navy and Marine Corps, we propose to develop and offer a research and training progrraining will focus on designing and developing embedded intrusion systems for line-speed detection of indicators of cyberattack on high-speed (100 Gbps) networks. NROTC participants will address several research challenges, which include design and implementation of Non-Symmetric Deep Autoencoders (NSDA) on a network interface containing an FPGA accelerator; quantization, calibration, and fine-tuning of NSDAs to achieve accurate classification of malicious DoS, probe, U2R, and R2L flows; implementation of P4 codes that execute on programmable ASICs to perform line-speed time-based flow feature extraction; tests of Long-Range Dependence to c detect reconnaissance flows, and tests for uniformity using nonparametric statistical methods. Student research results will be submitted as articles to the 2021 IEEE Secure Development Conference.
Technical Approaches
This project proposes the creation of a one-semester research and training program that will be offered for two semesters for undergraduate students participating in the Navy ROTC program at San Diego State University, with priority given to those with a declared major in a STEM discipline but will be open to NROTC students in other STEM majors. We expect to enroll 12 participants per semester. We propose the introduction of a 3-unit course that is cross-listed in the departments of Naval Science and Computer & Electrical Engineering. The curriculum will focus on teaching participants how to design embedded machine- and deep-learning architectures that implement hardware-based network intrusion detection systems using reconfigurable network interfaces. Participants will target the just-released Xilinx Alveo U25 Ethernet SmartNIC, a device that facilitates the edge deployment of deep-learning architectures that can be programmed and tuned to detect anomalous network flows at line speed, so as not to impart latency in packet forwarding. The Xilinx Alveo U25 is capable of enforcing network security policy access control lists, performing encryption, and hosting user-developed machine- and deep-learning architectures that can be trained on, and configured for, identifying malicious traffic on Navy and USMC networks.
Anticipated Outcome of the Research and Impact on DoD Capabilities
If successful, outcomes of this research can augment, strengthen, and expand the cybersecurity certificate and master's degree programs offered at the Naval Postgraduate School (NPS) Graduate School of Operational and Information Sciences. In addition, our project aligns with the Navy's mission of integrating cybersecurity education into the undergraduate ROTC curriculum of future officers and provides specialized technical training in the defensive cyberwarfare area of intrusion detection, so incoming Cyber Warfare Engineering (CWE) Officers will have a better ability to defend Navy networks and systems from cyberattacks.
Document Details
- Document Type: DoD Grant Award
- Publication Date: Nov 09, 2020
- Source ID: N000142112023
Entities
People
- Christopher Paolini
Organizations
- Office of Naval Research
- Salk Institute for Biological Studies
- United States Navy